3. Black hole attack in AODV
• Malicious node send a RREP packet to source node
• Some times a chain of black nodes perform this attack(Cooperative
black hole attack)
birjutank27@gmail.com
4. Black hole Attack Detection
• Maintain a backbone network which operates at a level above the ad-
hoc network.
• This Algorithm nodes are divided in three parts:
• Regular Node (RN): low power and low transmission range, not
trustworthy.
• Back Bone Node (BN): Have high transmission range and form a
core that monitors the nodes
• Backbone core node (BCN) : Similar power as BN, these nodes
can be elevated to BN nodes for increasing connectivity and
coverage of the network
birjutank27@gmail.com
5. Cont’d
• This algorithm is having mainly two parts.
1. Core Formation and maintenance
2. Detection of Black/malicious nodes.
• Core Formation and maintenance: Core formation progresses
incrementally. During this BCN node perform some tasks those are
I. Detect RN in its neighbourhood, if found broadcast “invitation”
message.
II. On receiving Join request from RN, check if it is reachable in
specified number of hops, if yes add in associated node list else
in unassociated list.
III. if no other request go to next grid.
birjutank27@gmail.com
6. Cont’d
IV.If BCN detects any BN in its vicinity then this node sends a
coordination message to BN and waits for reply.
V. BCN on receiving reply to coordination message, it executes
action which is specified in the reply.
• Action of a Regular node:
I. Every Regular node first check if it is associated with some
BCN or BN, if yes then terminate its actions.
II. On receiving invitation message send a join request, and after
getting reply for its join request from BN or BCN send
“accept” to BN or BCN.
birjutank27@gmail.com
7. Cont’d
• Detection of Black/malicious nodes : The key idea is that source
node, after every block of data packets, asks the backbone network to
perform end-to-end check with the destination, whether the packets
have reached it.
• If destination did not receive a block of data packets, then backbone
network initiates the detection of the chain of malicious nodes.
birjutank27@gmail.com
8. Cont’d
• Let Suppose here :
• S : Source node,
• D: Destination node,
• N1:Backbone node, to which S
is associated
• N2:Backbone node, to which D
is associated V : Regular Node
• Nr: is the node which send
RREP to S (For the RREQ for S
to D route)
birjutank27@gmail.com
9. Cont’d
• Actions of S
• Divide the data into k equal parts let say Data[1..k].
• end a prelude message to D with shared key k.
• Sends the data to D and after that send a message check having Nr,
to N1.
• If an “ok” is received from N1 the continue data sending.
• if a “not ok” is received from N1 then sets a timer for malicious
removal. If before timeout receive the “removed ok” from N1 then
go to step 2, else terminate.
• D on receiving prelude from S. Wait for data packet and after
receiving data send a postulate message from N1 and S stating the
number of packets received from S.birjutank27@gmail.com
10. Conclusion
• Using this Algorithm the Simple black hole attack, Cooperative black
hole attack can be removed, and also to some extent Gray hole attack
can also be removed.
• This algorithm takes O(md) number of hops to detect black nodes.
Where m is the number of malicious nodes and d is the diameter of the
network.
birjutank27@gmail.com
next hop information is also asked than malicious node provide next malicious node as next hop, so when confirmed with the next hop then next malicious node replies that i am having route to the destination node but actually they don't have any information of routes to destination.